Sr. Security Detection Engineer

Datavant is a data platform company and the world’s leader in health data exchange. Our vision is that every healthcare decision is powered by the right data, at the right time, in the right format.

Our platform is powered by the largest, most diverse health data network in the U.S., enabling data to be secure, accessible and usable to inform better health decisions. Datavant is trusted by the world’s leading life sciences companies, government agencies, and those who deliver and pay for care. 

By joining Datavant today, you’re stepping onto a high-performing, values-driven team. Together, we’re rising to the challenge of tackling some of healthcare’s most complex problems with technology-forward solutions. Datavanters bring a diversity of professional, educational and life experiences to realize our bold vision for healthcare.

What We’re Looking For

We are seeking a highly skilled and experienced Senior Security Detection Engineer to join our Security Operations team. This role is critical to the implementation and maintenance of our threat detection infrastructure, automation of security controls, and adherence to compliance frameworks such as FedRAMP, SOC 2, and HIPAA.

The ideal candidate will have deep technical knowledge in AWS infrastructure and security services, strong hands-on experience with Splunk Enterprise Security, and a solid grasp of modern security best practices. If you're passionate about building secure systems and enabling high-quality detections at scale, we'd love to hear from you.

What You Will Do

Detection & Response Infrastructure

• Manage and maintain SIEM platforms (Splunk ES) across government and commercial environments.
• Perform SIEM capacity planning, configuration tuning, and tenant administration.
• Design and deploy security detections using custom Splunk SPL and alerting frameworks.
• Administer EDR platforms (e.g., CrowdStrike Falcon), including tenant management and policy tuning.
• Automate logging pipeline and detection logic deployments.

Compliance & Audit Support

• Support internal and external audit requests (FedRAMP, SOC 2, HIPAA, HITRUST, etc.).
• Ensure appropriate audit logging is implemented across critical infrastructure and product applications.
• Assist with ASVF (Automated Security Validation Framework) requests.

Security Platform Integrations & Operations

• Install, configure, and maintain Splunk Apps and Add-Ons including:
• Splunk Add-On for AWS
• Splunk Add-On for Windows
• Google Workspace for Splunk
• Splunk Add-On for Azure/Microsoft Services
• Build and maintain dashboards, reports, and analytics in Splunk.
• Manage clustered Splunk environments with multiple search heads and indexers.
• Onboard new data sources and integrate telemetry across platforms.

Special Projects

• Participate in M&A integrations related to SIEM, EDR, DLP, IDP/IPS, MSSP SOC, and other security tools.
• Lead initiatives around web filtering, email firewall integration, and data loss prevention strategies.

What You Need to Succeed

• 4+ years of experience in an IT or Information Security field within a highly regulated environment.
• Strong technical knowledge of AWS infrastructure and security services (EC2, ELB, Guard Duty, Config, Inspector, Security Hub, RDS, Route53, S3, VPC, VPN, TGW, CloudWatch, CloudTrail, EventBridge, etc.)
• Experience with regulatory compliance frameworks (e.g., HIPAA, HITRUST, PCI, SOC 2, ISO 27001)
• Proficient with managing Splunk Enterprise Security, Splunk architecture and administration (indexers, forwarders, SH clusters)
• Experience with endpoint protection platforms like CrowdStrike Falcon
• Strong understanding of SIEM and EDR operations in regulated environments

What Helps You Stand Out

• Familiarity with modern security data lakes and cloud-native detection architectures.
• Experience working in agile environments with DevOps methodologies.
• Experience collaborating with Software Engineering and Infrastructure teams to onboard new data sources.
• Strong UNIX/Linux administration skills.
• Understanding of Kubernetes RBAC, network policies, and audit logging.
• Experience with FedRAMP-compliant projects is a plus.

We are committed to building a diverse team of Datavanters who are all responsible for stewarding a high-performance culture in which all Datavanters belong and thrive. We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.

At Datavant our total rewards strategy powers a high-growth, high-performance, health technology company that rewards our employees for transforming health care through creating industry-defining data logistics products and services.

The range posted is for a given job title, which can include multiple levels. Individual rates for the same job title may differ based on their level, responsibilities, skills, and experience for a specific job.

The estimated total cash compensation range for this role is:$148,000—$185,000 USD

To ensure the safety of patients and staff, many of our clients require post-offer health screenings and proof and/or completion of various vaccinations such as the flu shot, Tdap, COVID-19, etc. Any requests to be exempted from these requirements will be reviewed by Datavant Human Resources and determined on a case-by-case basis. Depending on the state in which you will be working, exemptions may be available on the basis of disability, medical contraindications to the vaccine or any of its components, pregnancy or pregnancy-related medical conditions, and/or religion.

This job is not eligible for employment sponsorship.

Datavant is committed to a work environment free from job discrimination. We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status. To learn more about our commitment, please review our EEO Commitment Statement here. Know Your Rights, explore the resources available through the EEOC for more information regarding your legal rights and protections. In addition, Datavant does not and will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay. 

At the end of this application, you will find a set of voluntary demographic questions. If you choose to respond, your answers will be anonymous and will help us identify areas for improvement in our recruitment process. (We can only see aggregate responses, not individual ones. In fact, we aren’t even able to see whether you’ve responded.) Responding is entirely optional and will not affect your application or hiring process in any way.

Datavant is committed to working with and providing reasonable accommodations to individuals with physical and mental disabilities. If you need an accommodation while seeking employment, please contact us at peopleteam@datavant.com. We will review your request for reasonable accommodation on a case-by-case basis.

For more information about how we collect and use your data, please review our Privacy Policy.